Why American Express?
There’s a difference between having a job and making a difference.
American Express has been making a difference in people’s lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards.
We’ve also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they’re ready to take on a new career path, we’re right there with them, giving them the guidance and momentum into the
best future they envision.
Because we believe that the best way to back our customers is to back our people.
The powerful backing of American Express.
Don’t make a difference without it.
Don’t live life without it.
Responsible for assisting with activities designed to systematically manage information security, such as security investigations, intelligence, assurance, and awareness, and/or other project oversight, including developing best practices for information security standards and managing IT controls and compliance with regulatory guidance. Organizational Context Works with technology and business partners across business functions/processes to ensure alignment, understanding and ongoing communication on security controls, compliance and information security risk management. Works individually and with teams on both structured and unstructured assignments. Key Responsibilities:
- Assists in developing, implementing and monitoring compliance to AXP and Information security policies, standards and procedures, and other policies and standards as appropriate
- Enforces security policies by administering and monitoring profiles, reviewing violation reports and investigating possible exceptions; document controls
- Prepares materials (reports, presentations, spreadsheets, etc) on information security to help develop scenarios, response procedures, and to enable informed decision making; verify completeness, accuracy and relevance of data gathered
- Utilizes tools and documented processes to ensure consistency and optimization of information security processes; work in support of efforts to measure and improve information security processes
- Prepares status reports on information security, or other matters to help develop, track, monitor and report on projects and initiatives
- Consults on controls, processes, and procedures
- Facilitates meetings to gather and document products/services or generic process changes
- Maintains internal documentation library, ensuring that process and other documentation is regularly updated to reflect latest operational processes and requirements
- Provides root cause analysis assistance for incident management or post-implementation efforts
- Provides analytical support as needed for issue management, project assessments, and reporting
- Participates in the evaluation of products and/or procedures to enhance productivity and effectiveness
- Supports the analysis of underlying trends and action plans associated with information security and other domains
- Maintains records to allow for historical trending analysis
- Accountable for ensuring security best practices, policies, and procedures are implemented and adhered to
- Bachelor’s Degree in Computer Science, Information Systems, Business Administration, or other related field preferred (or equivalent work experience)
- Certification may be required for specific functions
- Up to 6 years of information security experience
- Experience with gathering functional requirements, deployment of information security tools, and data analysis
- In-depth experience with desktop software and office automation tools
- Analyzes complex information and identifies the most relevant details
- Shows personal determination and resilience; is optimistic in changing circumstances
- Continually seeks and learns from feedback
- Is clear when explaining ideas and concepts to others - communication is structured, compelling, and impactful, and creates a credible impression
- Involves the right people to ensure the best decisions are made in a timely manner
- Challenges the status quo and questions current approaches where appropriate
- Continually looks for contingency options and proactively adapts plans and priorities
- Takes the initiative to create clarity when changing circumstances cause ambiguity
- Translates and interprets AXP business strategies to clarify direction for self and/or team and to gauge impact on current plans
- Strong work prioritization, planning, and organizational skills
- Knowledge or awareness in information security, compliance, assurance, and/or other security best practices and principles.
- Passion for learning
Technology Core Competencies:
- Adaptive Communication
- Agile Practices
- Industry and Company Knowledge
- Organizational Change Management
- Technical Acumen
- Technology Industry Trends
- Collaboration & Teamwork
- Continuous Improvement
- Servant Leadership
- Emerging Technologies
- System/Platform Domain Knowledge
- Business Risk Management
- Information Security
- Analytical Thinking
- Relationship Management
- Business Case Development
- Regulatory Compliance
Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.